CrowdStrike breach prevention platform on AWS

CrowdStrike Delivers A Fully Integrated Breach Prevention Platform for Cloud Workloads Across AWS Cloud and Edge Environments


Two interesting snippets:

CrowdStrike Inc., (NASDAQ: CRWD) a leader in cloud-delivered endpoint and workload protection, today announced new product integrations and certifications that deliver breach protection and streaming observability. These solutions provide consistent security and simplified operational management across Amazon Web Services, Inc. (AWS) cloud-to-edge and customer-managed infrastructure, and break down silos across information technology (IT) security and development operations (DevOps) teams.


“With these latest certifications and integrations, joint customers are provided a consistent security posture and holistic observability of their edge workloads, on-premises data centers and cloud-native deployments, bridging the gap between IT security and DevOps.”

The timing of this press release from CrowdStrike is interesting given that they will present results later today. It sounds a lot like they have now delivered what Datadog is also aiming for - on AWS at least. They even use the same “breaking down silos” wording that Datadog uses.

Some of the terminology is a bit too technical for me; perhaps some of the techies on the board could weigh in here, but it sounds like this could be a big deal as they seem to be more seriously moving into the observability space here, a bit of a pre-emptive/defensive play vs what Datadog is planning. I mean, contrast the above from CrowdStrike’s PR with the answer that Datadog’s CEO gave in the last quarterly report to an analyst question about what is next in the security space for them:

“we’re getting to the point where soon we’ll have the full V1 of our cloud security platform. I think for that, we’re still missing the general availability of the application security component. Once we have that, I think we look into accelerating the go-to-market side a little bit and maybe doing some of the specialization we’ve been discussing earlier in this call, but we haven’t done that yet.”

The specifics of the new CrowdStrike capabilities are:

EKS Anywhere Support – CrowdStrike provides continuous posture management and breach protection for Amazon Elastic Kubernetes Service (EKS), Amazon EKS with AWS Fargate and now Amazon EKS running on customers’ on-premises infrastructure via Amazon EKS Anywhere. Customers benefit from greater visibility, compliance and the industry’s fastest threat detection and response to outsmart the adversary.

AWS Outposts Launch Partner – IDC predicts that by 2024, due to an explosion of edge data, 65% of the Forbes Global 2000 will embed edge-first data stewardship, security and network practices into data protection plans.¹ As a result, CrowdStrike is proud to be a launch partner of AWS Outposts, spanning the 1U, 2U and 42U form factors. Customers will be afforded a unified security experience across AWS-supported on-premises edge, data center and cloud-native services.

AWS Quick Starts for Humio – Customers will be able to initiate Humio clusters via AWS Quick Starts templates. This will reduce dozens of manual AWS procedures to a few steps, empowering customers to start attaining Humio’s streaming observability at scale and with consistency, within minutes.

Humio Integration with AWS FireLens – Customers are now able to ingest AWS service and event data into Humio via AWS FireLens, container log router for Amazon Elastic Container Service (Amazon ECS) and AWS Fargate. Humio customers will now have greater extensibility to use the breadth of services at AWS to simplify routing of logs to Humio, enabling accelerated threat hunting and search across their AWS footprint for novel and advanced cyber threats.